diff options
Diffstat (limited to '')
-rw-r--r-- | security/nss/cmd/libpkix/pkix_pl/module/test_httpcertstore.c | 300 |
1 files changed, 300 insertions, 0 deletions
diff --git a/security/nss/cmd/libpkix/pkix_pl/module/test_httpcertstore.c b/security/nss/cmd/libpkix/pkix_pl/module/test_httpcertstore.c new file mode 100644 index 0000000000..62f86300ab --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/test_httpcertstore.c @@ -0,0 +1,300 @@ +/* + * test_httpcertstore.c + * + * Test Httpcertstore Type + * + * Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistribution of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistribution in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * Neither the name of Sun Microsystems, Inc. or the names of contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any kind. ALL + * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING + * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE + * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") + * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE + * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST + * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, + * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY + * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, + * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that this software is not designed or intended for use in + * the design, construction, operation or maintenance of any nuclear facility. + */ + +#include "testutil.h" +#include "testutil_nss.h" +#include "pkix_pl_common.h" + +static void *plContext = NULL; + +static void +printUsage(char *testname) +{ + char *fmt = + "USAGE: %s [-arenas] certDir certName\n"; + printf(fmt, "test_httpcertstore"); +} + +/* Functional tests for Socket public functions */ +static void +do_other_work(void) +{ /* while waiting for nonblocking I/O to complete */ + (void)PR_Sleep(2 * 60); +} + +PKIX_Error * +PKIX_PL_HttpCertStore_Create( + PKIX_PL_HttpClient *client, /* if NULL, use default Client */ + PKIX_PL_GeneralName *location, + PKIX_CertStore **pCertStore, + void *plContext); + +PKIX_Error * +pkix_pl_HttpCertStore_CreateWithAsciiName( + PKIX_PL_HttpClient *client, /* if NULL, use default Client */ + char *location, + PKIX_CertStore **pCertStore, + void *plContext); + +static PKIX_Error * +getLocation( + PKIX_PL_Cert *certWithAia, + PKIX_PL_GeneralName **pLocation, + void *plContext) +{ + PKIX_List *aiaList = NULL; + PKIX_UInt32 size = 0; + PKIX_PL_InfoAccess *aia = NULL; + PKIX_UInt32 iaType = PKIX_INFOACCESS_LOCATION_UNKNOWN; + PKIX_PL_GeneralName *location = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("Getting Authority Info Access"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess(certWithAia, &aiaList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(aiaList, &size, plContext)); + + if (size != 1) { + pkixTestErrorMsg = "unexpected number of AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(aiaList, 0, (PKIX_PL_Object **)&aia, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocationType(aia, &iaType, plContext)); + + if (iaType != PKIX_INFOACCESS_LOCATION_HTTP) { + pkixTestErrorMsg = "unexpected location type in AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocation(aia, &location, plContext)); + + *pLocation = location; + +cleanup: + PKIX_TEST_DECREF_AC(aiaList); + PKIX_TEST_DECREF_AC(aia); + + PKIX_TEST_RETURN(); + + return (NULL); +} + +int +test_httpcertstore(int argc, char *argv[]) +{ + + PKIX_UInt32 i = 0; + PKIX_UInt32 numCerts = 0; + PKIX_UInt32 numCrls = 0; + int j = 0; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 length = 0; + + char *certName = NULL; + char *certDir = NULL; + PKIX_PL_Cert *cmdLineCert = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_CertStore *certStore = NULL; + PKIX_CertStore *crlStore = NULL; + PKIX_PL_GeneralName *location = NULL; + PKIX_CertStore_CertCallback getCerts = NULL; + PKIX_List *certs = NULL; + char *asciiResult = NULL; + void *nbio = NULL; + + PKIX_PL_CRL *crl = NULL; + PKIX_CRLSelector *crlSelector = NULL; + char *crlLocation = "http://betty.nist.gov/pathdiscoverytestsuite/CRL" + "files/BasicHTTPURIPeer2CACRL.crl"; + PKIX_CertStore_CRLCallback getCrls = NULL; + PKIX_List *crls = NULL; + PKIX_PL_String *crlString = NULL; + + PKIX_TEST_STD_VARS(); + + startTests("HttpCertStore"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc != (j + 3)) { + printUsage(argv[0]); + pkixTestErrorMsg = "Missing command line argument."; + goto cleanup; + } + + certDir = argv[++j]; + certName = argv[++j]; + + cmdLineCert = createCert(certDir, certName, plContext); + if (cmdLineCert == NULL) { + pkixTestErrorMsg = "Unable to create Cert"; + goto cleanup; + } + + /* muster arguments to create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(getLocation(cmdLineCert, &location, plContext)); + + if (location == NULL) { + pkixTestErrorMsg = "Give me a cert with an HTTP URI!"; + goto cleanup; + } + + /* create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HttpCertStore_Create(NULL, location, &certStore, plContext)); + + /* get the GetCerts callback */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &getCerts, plContext)); + + /* create a CertSelector */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext)); + + /* Get the certs */ + PKIX_TEST_EXPECT_NO_ERROR(getCerts(certStore, certSelector, &nbio, &certs, plContext)); + + while (nbio != NULL) { + /* poll for a completion */ + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CertContinue(certStore, certSelector, &nbio, &certs, plContext)); + } + + if (certs) { + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certs, &numCerts, plContext)); + + if (numCerts == 0) { + printf("HttpCertStore returned an empty Cert list\n"); + goto cleanup; + } + + for (i = 0; i < numCerts; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(certs, + i, + (PKIX_PL_Object **)&cert, + plContext)); + + asciiResult = PKIX_Cert2ASCII(cert); + + printf("CERT[%d]:\n%s\n", i, asciiResult); + + /* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, NULL)); + asciiResult = NULL; + + PKIX_TEST_DECREF_BC(cert); + } + } else { + printf("HttpCertStore returned a NULL Cert list\n"); + } + + /* create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_HttpCertStore_CreateWithAsciiName(NULL, crlLocation, &crlStore, plContext)); + + /* get the GetCrls callback */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback(crlStore, &getCrls, plContext)); + + /* create a CrlSelector */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create(NULL, NULL, &crlSelector, plContext)); + + /* Get the crls */ + PKIX_TEST_EXPECT_NO_ERROR(getCrls(crlStore, crlSelector, &nbio, &crls, plContext)); + + while (nbio != NULL) { + /* poll for a completion */ + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CrlContinue(crlStore, crlSelector, &nbio, &crls, plContext)); + } + + if (crls) { + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(crls, &numCrls, plContext)); + + if (numCrls == 0) { + printf("HttpCertStore returned an empty CRL list\n"); + goto cleanup; + } + + for (i = 0; i < numCrls; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(crls, + i, + (PKIX_PL_Object **)&crl, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString( + (PKIX_PL_Object *)crl, + &crlString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(crlString, + PKIX_ESCASCII, + (void **)&asciiResult, + &length, + plContext)); + + printf("CRL[%d]:\n%s\n", i, asciiResult); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, plContext)); + PKIX_TEST_DECREF_BC(crlString); + PKIX_TEST_DECREF_BC(crl); + } + } else { + printf("HttpCertStore returned a NULL CRL list\n"); + } + +cleanup: + + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(cmdLineCert); + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(crlStore); + PKIX_TEST_DECREF_AC(location); + PKIX_TEST_DECREF_AC(certs); + PKIX_TEST_DECREF_AC(crl); + PKIX_TEST_DECREF_AC(crlString); + PKIX_TEST_DECREF_AC(crls); + + PKIX_TEST_RETURN(); + + endTests("HttpDefaultClient"); + + return (0); +} |